Skip to main content

Privacy Policy

Last updated: April 30, 2026

1. Introduction

SimuPipe ("we", "our", "the Service") is operated by SimuPipe, Ireland. We respect your privacy. This policy explains what data we collect, how we use it, the legal basis for processing, and your rights under the General Data Protection Regulation (GDPR) and applicable privacy laws.

For any privacy-related questions, contact us at privacy@simupipe.com.

2. Data We Collect

We collect the following information when you use SimuPipe:

  • Account information: Email address and hashed password (managed by Supabase authentication)
  • Project data: Pipe network models, simulation configurations, and results that you create and save
  • Usage data: Basic usage information such as login timestamps and request logs

We do not collect any special categories of personal data (health, biometric, political, etc.).

3. Lawful Basis for Processing

Under GDPR Article 6, we process your personal data on the following legal bases:

  • Contract performance (Art. 6(1)(b)): Processing your account information and project data is necessary to provide the Service you signed up for.
  • Legitimate interest (Art. 6(1)(f)): We collect basic usage data (login timestamps, request logs) to maintain service security, detect abuse, and debug issues.

We do not process your data for marketing purposes or automated decision-making.

4. How We Use Your Data

Your data is used to:

  • Provide and maintain the Service
  • Authenticate your account and protect against unauthorized access
  • Save and retrieve your pipe network projects
  • Run simulations on your submitted network models

We do not sell, rent, or share your personal data with third parties for marketing purposes.

5. Internal Access to Project Data

To improve SimuPipe and provide effective support, authorized SimuPipe personnel may access user project content (network diagrams, simulation configurations, and saved files) for the following purposes:

  • Product improvement: understanding how SimuPipe is used in practice, so we can prioritize features, fix usability issues, and improve the simulation engine
  • Technical support and debugging: investigating issues you report, or that we detect on our side, that require looking at your specific project
  • Abuse and security: investigating suspected abuse, integrity violations, or security incidents

This access is gated to a small number of authorized accounts (currently the founder), logged for accountability, and limited to what is necessary for the stated purpose. Where the purpose allows, project data is reviewed alongside an anonymized user identifier rather than your email or name. We do not share your project content with anyone outside SimuPipe and do not use it to train third-party models.

The lawful basis is legitimate interest under GDPR Article 6(1)(f). You can object to this processing at any time by contacting privacy@simupipe.com.

6. Data Storage, Security, and International Transfers

Your data is stored securely using Supabase (hosted on AWS infrastructure). We use industry-standard security measures including encrypted connections (HTTPS/TLS), hashed passwords, and row-level security policies to protect your data.

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States, through our third-party service providers. These transfers rely on Standard Contractual Clauses (SCCs) or other appropriate safeguards as required by GDPR.

7. Cookies and Local Storage

SimuPipe uses browser local storage to save your UI preferences (theme, unit preferences). Supabase authentication uses secure tokens stored in local storage. We do not use third-party tracking cookies or analytics services.

8. Your Rights

Under GDPR and applicable privacy laws, you have the right to:

  • Access the personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your account and associated data
  • Data portability — export your project data (via the JSON export feature)
  • Restrict processing — request that we limit how we use your data
  • Object to processing — object to processing based on legitimate interest
  • Lodge a complaint — you have the right to lodge a complaint with your local data protection authority (DPA) if you believe your rights have been violated

To exercise any of these rights, contact us at privacy@simupipe.com. We will respond within 30 days.

9. Data Retention

We retain your data for as long as your account is active. If you delete your account, your personal data and project data will be permanently removed within 30 days.

10. Third-Party Services

SimuPipe uses the following third-party services to operate (acting as data processors on our behalf):

  • Supabase: Authentication and database hosting (AWS, US)
  • Cloudflare: Frontend hosting and CDN (global)
  • Railway: Backend API hosting (Europe/US)

These services have their own privacy policies governing their handling of data. We only share the minimum data necessary for each service to function.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. If we make material changes that affect how we handle your personal data, we will notify you via the email address associated with your account.

12. Contact

SimuPipe is the data controller responsible for your personal data. If you have questions about this Privacy Policy or your data, please contact us at:

SimuPipe
Ireland
Email: privacy@simupipe.com